CVE-2022-40845: n/a in n/a
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have.
AI Analysis
Technical Summary
CVE-2022-40845 is a medium-severity vulnerability affecting the Tenda AC1200 Router model W15Ev2 running firmware version V15.11.0.10(1576). The core issue involves password exposure, which is exacerbated by improper authorization and session management flaws. Specifically, an attacker who already has access to the router—likely through network access or physical proximity—can exploit these combined weaknesses to retrieve sensitive information that should be protected. The vulnerability is categorized under CWE-425, which relates to improper authorization, indicating that the router's access controls do not adequately restrict user privileges or session handling. The CVSS 3.1 base score of 6.5 reflects a scenario where the attacker requires low privileges (PR:L) but no user interaction (UI:N) and can exploit the vulnerability remotely over the network (AV:N). The impact is primarily on confidentiality (C:H), with no direct effect on integrity or availability. No known exploits are currently reported in the wild, and no official patches or vendor advisories are linked, which suggests that mitigation may rely on configuration changes or firmware updates if available. The vulnerability highlights risks in consumer-grade networking equipment where session management and authorization controls are often less robust, potentially allowing attackers to escalate privileges or extract sensitive credentials once inside the network perimeter.
Potential Impact
For European organizations, especially small and medium enterprises or home offices relying on Tenda AC1200 W15Ev2 routers, this vulnerability poses a significant confidentiality risk. Attackers with network access—such as malicious insiders, compromised devices on the LAN, or attackers who gain temporary physical access—could extract router passwords or other sensitive configuration data. This exposure could lead to further network compromise, including interception of traffic, unauthorized changes to network settings, or pivoting to other internal systems. Given the widespread use of consumer-grade routers in European homes and small businesses, exploitation could facilitate broader attacks such as data breaches or espionage. The lack of integrity and availability impact reduces the risk of service disruption but does not diminish the threat to sensitive information confidentiality. Additionally, the vulnerability could be leveraged in targeted attacks against high-value individuals or organizations using this router model, especially if combined with other vulnerabilities or social engineering tactics.
Mitigation Recommendations
Organizations and users should first verify if their Tenda AC1200 W15Ev2 router is running the vulnerable firmware version V15.11.0.10(1576). If so, they should check for any available firmware updates from Tenda that address this vulnerability. In the absence of official patches, users should: 1) Change default and current router passwords to strong, unique credentials to reduce the risk of unauthorized access. 2) Restrict administrative access to the router interface by limiting it to wired connections or specific trusted IP addresses, disabling remote management if enabled. 3) Implement network segmentation to isolate the router management interface from less trusted devices. 4) Monitor router logs for unusual access patterns or configuration changes. 5) Regularly reboot the router to clear session states that might be exploited. 6) Consider replacing the device with a more secure router model if updates or mitigations are unavailable. Additionally, educating users about the risks of exposing router interfaces and enforcing strict access controls on network devices will help reduce exploitation likelihood.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Austria
CVE-2022-40845: n/a in n/a
Description
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have.
AI-Powered Analysis
Technical Analysis
CVE-2022-40845 is a medium-severity vulnerability affecting the Tenda AC1200 Router model W15Ev2 running firmware version V15.11.0.10(1576). The core issue involves password exposure, which is exacerbated by improper authorization and session management flaws. Specifically, an attacker who already has access to the router—likely through network access or physical proximity—can exploit these combined weaknesses to retrieve sensitive information that should be protected. The vulnerability is categorized under CWE-425, which relates to improper authorization, indicating that the router's access controls do not adequately restrict user privileges or session handling. The CVSS 3.1 base score of 6.5 reflects a scenario where the attacker requires low privileges (PR:L) but no user interaction (UI:N) and can exploit the vulnerability remotely over the network (AV:N). The impact is primarily on confidentiality (C:H), with no direct effect on integrity or availability. No known exploits are currently reported in the wild, and no official patches or vendor advisories are linked, which suggests that mitigation may rely on configuration changes or firmware updates if available. The vulnerability highlights risks in consumer-grade networking equipment where session management and authorization controls are often less robust, potentially allowing attackers to escalate privileges or extract sensitive credentials once inside the network perimeter.
Potential Impact
For European organizations, especially small and medium enterprises or home offices relying on Tenda AC1200 W15Ev2 routers, this vulnerability poses a significant confidentiality risk. Attackers with network access—such as malicious insiders, compromised devices on the LAN, or attackers who gain temporary physical access—could extract router passwords or other sensitive configuration data. This exposure could lead to further network compromise, including interception of traffic, unauthorized changes to network settings, or pivoting to other internal systems. Given the widespread use of consumer-grade routers in European homes and small businesses, exploitation could facilitate broader attacks such as data breaches or espionage. The lack of integrity and availability impact reduces the risk of service disruption but does not diminish the threat to sensitive information confidentiality. Additionally, the vulnerability could be leveraged in targeted attacks against high-value individuals or organizations using this router model, especially if combined with other vulnerabilities or social engineering tactics.
Mitigation Recommendations
Organizations and users should first verify if their Tenda AC1200 W15Ev2 router is running the vulnerable firmware version V15.11.0.10(1576). If so, they should check for any available firmware updates from Tenda that address this vulnerability. In the absence of official patches, users should: 1) Change default and current router passwords to strong, unique credentials to reduce the risk of unauthorized access. 2) Restrict administrative access to the router interface by limiting it to wired connections or specific trusted IP addresses, disabling remote management if enabled. 3) Implement network segmentation to isolate the router management interface from less trusted devices. 4) Monitor router logs for unusual access patterns or configuration changes. 5) Regularly reboot the router to clear session states that might be exploited. 6) Consider replacing the device with a more secure router model if updates or mitigations are unavailable. Additionally, educating users about the risks of exposing router interfaces and enforcing strict access controls on network devices will help reduce exploitation likelihood.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-09-19T00:00:00.000Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682cd0fc1484d88663aecc45
Added to database: 5/20/2025, 6:59:08 PM
Last enriched: 7/6/2025, 5:57:15 PM
Last updated: 8/11/2025, 2:43:19 AM
Views: 10
Related Threats
CVE-2025-8859: Unrestricted Upload in code-projects eBlog Site
MediumCVE-2025-8865: CWE-476 NULL Pointer Dereference in YugabyteDB Inc YugabyteDB
MediumCVE-2025-8852: Information Exposure Through Error Message in WuKongOpenSource WukongCRM
MediumCVE-2025-8864: CWE-532 Insertion of Sensitive Information into Log File in YugabyteDB Inc YugabyteDB Anywhere
MediumCVE-2025-8851: Stack-based Buffer Overflow in LibTIFF
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.